Description
WordPress Plugin Menu Image is prone to an issue which allows the add-on of malicious scripts to the affected website, through the use of notice.php file. WordPress Plugin Menu Image version 2.6.9 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.7.0 or latest
References
Related Vulnerabilities
ReviveAdserver Improper Access Control Vulnerability (CVE-2015-7367)
WordPress Plugin NewStatPress Cross-Site Scripting (1.0.5)
PHP CVE-2009-3559 Vulnerability (CVE-2009-3559)
Ruby on Rails Inefficient Regular Expression Complexity Vulnerability (CVE-2023-22792)
Zikula Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-0535)